Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/f536cd-943f-4554-9f17-344cc502f1bd/1/yazs3A52rQddTMewyt0E-gSCHVM.roa
File: yazs3A52rQddTMewyt0E-gSCHVM.roa (raw, json)
Hash identifier: nfL1EKbZLPEj21WXO/mwWfdJqrKn78J9l47ASEfXiSk=
Subject key identifier: C9:AC:EC:DC:0E:76:AD:07:5D:4C:C7:B0:CA:DD:04:FA:04:82:1D:53
Certificate issuer: /CN=304e59a223f4bcb823492fb1096c3a82310c03da
Certificate serial: 018CC86F075D9AC536C5EC0C5AD8A2E30773
Authority key identifier: 30:4E:59:A2:23:F4:BC:B8:23:49:2F:B1:09:6C:3A:82:31:0C:03:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ME5ZoiP0vLgjSS-xCWw6gjEMA9o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/f536cd-943f-4554-9f17-344cc502f1bd/1/yazs3A52rQddTMewyt0E-gSCHVM.roa
Signing time: Tue 02 Jan 2024 04:29:28 +0000
ROA not before: Tue 02 Jan 2024 04:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12307
IP address blocks: 185.119.104.0/23 maxlen: 23
185.119.104.0/24 maxlen: 24
185.119.107.0/24 maxlen: 24
2a06:8a07::/32 maxlen: 32
2a06:8a00::/29 maxlen: 29
2a06:8a00::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 10 May 2024 11:20:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:07:5d:9a:c5:36:c5:ec:0c:5a:d8:a2:e3:07:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=304e59a223f4bcb823492fb1096c3a82310c03da
Validity
Not Before: Jan 2 04:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c9acecdc0e76ad075d4cc7b0cadd04fa04821d53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:be:8a:4a:fa:79:27:05:26:ba:f1:42:96:d5:
79:8f:42:62:96:fb:2f:d2:84:c4:73:c4:e1:ea:a6:
50:89:13:06:25:24:26:a9:f1:10:e4:1a:23:43:46:
df:c1:44:80:46:e9:6f:8b:ec:82:d7:12:41:cc:12:
9f:c1:c1:93:b3:18:7c:f6:d1:f8:f6:37:58:f9:90:
c8:78:44:c4:ef:9a:c0:21:8a:95:c4:09:4f:41:34:
23:90:86:29:4a:05:c6:f4:63:63:14:d0:78:4a:41:
f0:7a:2c:8d:3b:31:64:93:ed:97:09:2a:2e:8f:f6:
d8:cf:c6:aa:a8:17:6d:ae:20:45:3e:3f:24:43:b0:
b4:75:30:e5:89:58:1a:f7:52:40:d3:e8:3d:33:8a:
37:b2:d7:70:91:80:57:a6:f6:30:0b:f3:e7:f9:ef:
69:d8:cf:fe:6c:ad:47:0a:d0:b7:24:8d:9f:95:1f:
b3:d7:28:46:54:02:b2:5a:df:6a:58:89:9b:57:b8:
db:64:4b:72:57:f6:69:7a:56:05:7f:2f:0b:91:ad:
9d:e4:a3:01:91:c8:b4:33:73:3e:72:f7:5a:7e:7f:
ea:cf:e1:c5:3a:01:95:27:a7:5a:b7:a8:3b:b5:a4:
ac:44:17:1c:f5:36:07:f0:29:a1:82:bd:af:21:9a:
96:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:AC:EC:DC:0E:76:AD:07:5D:4C:C7:B0:CA:DD:04:FA:04:82:1D:53
X509v3 Authority Key Identifier:
keyid:30:4E:59:A2:23:F4:BC:B8:23:49:2F:B1:09:6C:3A:82:31:0C:03:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ME5ZoiP0vLgjSS-xCWw6gjEMA9o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/f536cd-943f-4554-9f17-344cc502f1bd/1/yazs3A52rQddTMewyt0E-gSCHVM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/f536cd-943f-4554-9f17-344cc502f1bd/1/ME5ZoiP0vLgjSS-xCWw6gjEMA9o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.119.104.0/23
185.119.107.0/24
IPv6:
2a06:8a00::/29
Signature Algorithm: sha256WithRSAEncryption
71:4e:14:6a:20:65:b0:65:a9:bb:26:d1:8d:a9:61:a3:54:96:
d0:e0:b7:d1:c3:ac:04:00:46:7e:c4:c2:05:94:d6:52:e3:1c:
ec:a0:70:82:30:9a:7e:f2:fc:48:5a:c0:77:f6:6f:19:9f:47:
ff:d5:85:26:c8:66:e2:c4:a1:3b:16:99:08:ab:90:cd:1b:21:
9e:eb:e9:58:01:ea:d5:7c:28:3e:8d:24:59:77:a0:42:35:ee:
cf:c2:a9:56:e2:06:cb:76:ff:4f:4a:d8:ce:fe:26:43:e3:c4:
d8:2f:65:b4:b1:36:1b:e9:00:0e:65:c9:f3:6d:ee:b4:a0:53:
a9:d6:9d:cf:52:3a:90:89:df:06:28:63:5b:73:34:1d:11:97:
50:0e:ff:f6:0e:4d:e8:dc:31:28:a9:e4:c2:42:cf:c5:4b:57:
bd:59:3b:8d:61:0c:b5:63:33:8c:8c:3c:b0:33:cf:6f:90:32:
02:7e:5a:44:a6:f5:be:7c:f3:ab:c0:67:98:0f:f1:b4:e8:58:
c9:fa:98:45:8d:02:5f:02:d1:82:91:8e:34:68:c6:b6:3a:7e:
dd:33:e9:0c:96:f7:d6:7c:ab:4f:a6:c4:ef:cd:45:c9:aa:c6:
f2:f2:86:3a:98:8a:95:0a:ce:8e:01:72:eb:57:d7:90:51:6d:
1f:e6:f0:fe
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzIbwddmsU2xewMWtii4wdzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwNGU1OWEyMjNmNGJjYjgyMzQ5MmZiMTA5NmMzYTgyMzEw
YzAzZGEwHhcNMjQwMTAyMDQyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWFjZWNkYzBlNzZhZDA3NWQ0Y2M3YjBjYWRkMDRmYTA0ODIxZDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkb6KSvp5JwUmuvFCltV5j0Jilvsv
0oTEc8Th6qZQiRMGJSQmqfEQ5BojQ0bfwUSARulvi+yC1xJBzBKfwcGTsxh89tH4
9jdY+ZDIeETE75rAIYqVxAlPQTQjkIYpSgXG9GNjFNB4SkHweiyNOzFkk+2XCSou
j/bYz8aqqBdtriBFPj8kQ7C0dTDliVga91JA0+g9M4o3stdwkYBXpvYwC/Pn+e9p
2M/+bK1HCtC3JI2flR+z1yhGVAKyWt9qWImbV7jbZEtyV/ZpelYFfy8Lka2d5KMB
kci0M3M+cvdafn/qz+HFOgGVJ6dat6g7taSsRBcc9TYH8Cmhgr2vIZqWHwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMms7NwOdq0HXUzHsMrdBPoEgh1TMB8GA1UdIwQY
MBaAFDBOWaIj9Ly4I0kvsQlsOoIxDAPaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUU1Wm9pUDB2TGdqU1MteENXdzZnakVNQTlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9mNTM2Y2QtOTQzZi00NTU0LTlmMTct
MzQ0Y2M1MDJmMWJkLzEveWF6czNBNTJyUWRkVE1ld3l0MEUtZ1NDSFZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9mNTM2Y2QtOTQzZi00NTU0LTlmMTctMzQ0Y2M1MDJmMWJk
LzEvTUU1Wm9pUDB2TGdqU1MteENXdzZnakVNQTlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBuXdoAwQA
uXdrMA0EAgACMAcDBQMqBooAMA0GCSqGSIb3DQEBCwUAA4IBAQBxThRqIGWwZam7
JtGNqWGjVJbQ4LfRw6wEAEZ+xMIFlNZS4xzsoHCCMJp+8vxIWsB39m8Zn0f/1YUm
yGbixKE7FpkIq5DNGyGe6+lYAerVfCg+jSRZd6BCNe7PwqlW4gbLdv9PStjO/iZD
48TYL2W0sTYb6QAOZcnzbe60oFOp1p3PUjqQid8GKGNbczQdEZdQDv/2Dk3o3DEo
qeTCQs/FS1e9WTuNYQy1YzOMjDywM89vkDICflpEpvW+fPOrwGeYD/G06FjJ+phF
jQJfAtGCkY40aMa2On7dM+kMlvfWfKtPpsTvzUXJqsby8oY6mIqVCs6OAXLrV9eQ
UW0f5vD+
-----END CERTIFICATE-----
Generated at Fri May 10 15:37:42 2024 by rpki-client on console-ams.rpki-client.org